SEAMS 2019
Sat 25 - Sun 26 May 2019 Montreal, QC, Canada
co-located with ICSE 2019
Sun 26 May 2019 11:25 - 11:50 at Duluth - Security Chair(s): David Garlan

N-variant systems protect software from attack by executing multiple variants of a single program in parallel, checking regularly that they are behaving consistently. The variants are designed to behave identically during normal operation and differently during an attack. When different behavior (divergence) is detected, N-variant systems self-heal by either rolling back to a safe state or restarting. Unfortunately, an attacker can create a denial-of-service (DoS) attack from a diverging input by using it to force an N-variant system into an endless diverge/restart cycle.

This paper describes a defense, CRISPR-Inspired Program Resiliency (Crispy), that automatically protects N-variant systems from such DoS attacks. Crispy mitigates DoS attacks against N-variant systems using an automatic signature generation technique modeled on CRISPR/Cas, the bacterial adaptive immune system. Experiments on two webservers using exploits developed by an independent Red Team showed Crispy protected against 87.5% of DoS attacks with zero false positives. Overhead was minimal and varied according to the number of signatures maintained, which can be tailored to the threat model and performance requirements.

Sun 26 May

11:00 - 12:30: SEAMS 2019 - Security at Duluth
Chair(s): David GarlanCarnegie Mellon University
seams-2019-papers11:00 - 11:25
Narges KhakpourLinnaeus University, Charilaos SkandylasLinnaeus University, Goran Saman NarimanUniversity of Human Development , Danny WeynsLinnaeus University, Sweden
seams-2019-papers11:25 - 11:50
Jessica JonesArizona State University, Jason HiserUniversity of Virginia, Jack DavidsonUniversity of Virginia, Stephanie ForrestArizona State University
seams-2019-papers11:50 - 12:10
Sotirios LiaskosYork University, Bo WangYork University, Nahid AlimohammadiYork University
seams-2019-papers12:10 - 12:30
Byron DevriesGrand Valley State University, Betty H.C. ChengMichigan State University